routes not up

zapeador

Hello, I have a machine where, when starting, I have to add some routes, for example:

route add -net 111.0.0.0 netmask 240.0.0.0 enp0s3
route add -net 222.0.0.0/8 dev enp0s3

I put these lines in /etc/network/interfaces

#up route add -net 111.0.0.0 netmask 240.0.0.0 enp0s3
#up route add -net 222.0.0.0/8 dev enp0s3

But when restarting, it does not raise them; sometimes the network even throws me out and I have to enter the console to restart it.

Any idea how to get them to stand up on their own? Yes, when I start them I enter them by command, no problem, but it is dangerous to forget to enter them by hand
 


1. Do you really need two entire class A address spaces? 32 million addresses?
This will cause a pretty good broadcast storm on your interface, especially if you're
doing all this through 1 interface.

2. 111.x.x.x and 222.x.x.x are routable subnets, that really belong to someone out on the internet.
It is illegal for you to route them outside your private network.

How many devices do you actually have? If you really have 32 million devices, you need to get about 10,000
routers and segment this down to manageable sizes.

I would recommend using IPs that are non-routable to the internet.
192.168.x.0 or 10.x.x.x ( if you really need a class A )

I would also recommend knocking these down to something like a class C at least.
192.168.1.0/24 or 10.1.0.0/24, if possible split them across two NICs.

What distro are you using? Are you using NetworkManager? It has some guards built-in to keep
people from doing things like this. There are ways to bypass some of them.

I hope you have a lot of RAM, you will need about 64GB to store 32 million MAC addresses.
 
Thanks for the explanation. I am not really an expert in networks, but those routes were examples; they are really internal (10.*.*.*), but I put it like this as an example, and maybe it will explain more to me. Also, it's not just one network interface, there are more than one. In any case, I appreciate your explanation, although the problem is not the numbers.

I am using Debian, console only, without X.
 
zapeador wrote:
Any idea how to get them to stand up on their own? Yes, when I start them I enter them by command, no problem,
Since your commands work if you run them manually, if the commands don't work in the interfaces file, then you have other options. You can create a systemd service that will start them, which can then be enabled to start on boot. You'd just need to configure having the network started in that service before your route commands take effect, which is easily done in the service file. Another option is to write an /etc/rc.local file that starts up the route commands. The rc.local file runs at the end of boot, so if your network starts during boot, there may be no problems. Otherwise, you can write some code in the rc.local file to check that the network is up before running your route commands, and that ensures the matter.
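The rc.local option from the reply above, with the "check that the network is up" step written out. This is an added example, not code posted in the thread; the script path, the `--apply` switch, the retry count and the 10.x prefixes are assumptions.

```sh
#!/bin/sh
# Added example: wait for the link, then install routes idempotently.
# Hypothetical use from /etc/rc.local:  /usr/local/sbin/boot-routes --apply
# (script path, prefixes and retry count are assumptions, not from the thread).

IP_CMD="${IP_CMD:-ip}"                    # overridable, e.g. "echo ip" for a dry run
SYSFS_NET="${SYSFS_NET:-/sys/class/net}"  # kernel's per-interface link state

# Return 0 once interface $1 reports operstate "up"; 1 after $2 attempts.
wait_for_iface() {
    ifname=$1
    tries=$2
    while [ "$tries" -gt 0 ]; do
        state=$(cat "$SYSFS_NET/$ifname/operstate" 2>/dev/null || echo missing)
        if [ "$state" = "up" ]; then return 0; fi
        tries=$((tries - 1))
        if [ "$tries" -gt 0 ]; then sleep 1; fi
    done
    return 1
}

# Read "prefix interface" pairs on stdin. "ip route replace" succeeds whether
# or not the route already exists, so running the script twice is harmless.
install_routes() {
    rc=0
    while read -r prefix dev; do
        [ -n "$prefix" ] || continue
        if wait_for_iface "$dev" "${WAIT_TRIES:-30}"; then
            $IP_CMD route replace "$prefix" dev "$dev" || rc=1
        else
            echo "boot-routes: $dev not up, skipped $prefix" >&2
            rc=1
        fi
    done
    return "$rc"
}

main() {
    # Constructed sample routes in the 10.0.0.0/8 range the poster mentions.
    install_routes <<'EOF'
10.20.0.0/16 enp0s3
10.30.0.0/16 enp0s3
EOF
}

if [ "${1:-}" = "--apply" ]; then
    main
    exit $?
fi
```

Running it with `IP_CMD="echo ip"` prints the commands instead of changing the routing table, which is a safe way to check the list before a reboot.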
 
I followed your advice and created an rc.local file although originally this system didn't have rc.local enabled.

Thanks for the help
 
